The electronic transmission of documents by way of facsimile (fax) systems employing public and private switched telephone networks has become both commonplace and, often, an essential component in many business activities. It is estimated that the current number of facsimile machines in the United States is over 12 million and the number is expected to grow to over 25 million by 1995. In view of the large amount of facsimile documents sent each day, a number of these facsimiles may be erroneously sent or received by unintended parties. This can lead to serious repercussions if the document being transmitted was of a sensitive or confidential nature. Documented facsimile transmission errors which may lead to the compromise of sensitive documents include: (i) dialing the wrong facsimile number or punching the wrong button on a pre-programmed automatic dialer, or (ii) sending the facsimile to the right number, but having an unintended party pick up the facsimile on the receiving end.
There are many businesses, such as CPA firms, banks, stockbrokers, etc., as well as many personal situations, where confidentiality of facsimiles may be important. The risks of an improper or misdirected facsimile transmission are of particular concern to attorneys. Sending a sensitive document to the wrong facsimile number may breach an attorney's ethical duty to maintain the confidentiality of his client. Since the ethical code extends the duty of confidentiality to an attorney's employees, this risk is broadened each time an attorney delegates the responsibility for faxing a document to another party. Aside from the ethical consideration, a misdirected or errant fax may also forfeit the attorney-client privilege. Since a privileged communication must be intended as confidential, a wayward fax sent to the wrong number or to a third person may destroy this privilege. In addition, the risk of a carelessly sent fax may result in legal malpractice or the loss of clients. Additionally, many documents sent to a recipient may not be privileged, but contain highly sensitive information the recipient does not want revealed to anyone except himself and any authorized person(s).
Pre-programming frequently used telephone numbers into a fax machine's automatic dialer may help eliminate misdialing, but hitting the wrong button can also create severe problems. If an otherwise privileged fax communication is inadvertently communicated to an unauthorized third person, the situation may be analogous to that of an eavesdropper.
Even if a fax is sent to the right party, problems of confidentiality still may occur when the receiving party is not physically present at the time of transmission or an unauthorized party retrieves the document. This is often a problem, especially in a busy office or where a machine is nominally unattended during the transmission, in that the originator has no control over who may be standing by the machine when the document prints out or who may leaf through a stack of faxes piled up in a hopper right after lunch.
This security problem is exacerbated when it is desired to deliver fax documents to a recipient who is not currently available through a known machine (e.g., a person on a business trip). This is a very inconvenient situation in that it requires that the paper documents be held until the traveler phones in from a remote machine. It further requires that the document be sent to a non-secured site, such as the front desk of a hotel. This leaves many opportunities for the confidential fax to be seen by unauthorized eyes.
Careless and misdirected fax transmissions can mean loss of dollars for interested parties and possible claims of legal malpractice for attorneys.
There are products and methods currently available to reduce the risk of misdirected facsimiles. One method is to require that a responsible person directly monitor the sending of a facsimile, while a person at the other end simultaneously monitors the receipt of the facsimile. This can be administratively burdensome and in some cases not practical for the user or recipient.
Specialized secure facsimile machines are currently available that scramble outgoing fax signals and unscramble incoming ones. One of the benefits of such scramblers is that if an operator misdials or misroutes a fax, the message is not sent. Among the drawbacks are the fact that such machines are expensive, with an average price tag of over $1,000, and they work only if the other party has the same brand of scrambler.
Another security method uses message authentication codes by means of a calculator equipped with a special chip that assembles and disassembles the codes to verify faxes.
Various communication systems which address some of the above concerns are known in the facsimile art. The patent to Gordon et al., U.S. Pat. No. 4,994,926, discloses a system and method for facilitating facsimile transmissions which includes a store-and-forward facility. The originator sends a fax to the store-and-forward facility and advises the facility of the destination fax number. The store-and-forward facility then spools all faxes for the intended machine and forwards the fax messages to the destination machine. Gordon specifically addresses the security problem of faxes and includes a feature by which the originator may designate a particular fax transmission as being a secure transmission. In this case, the store-and-forward facility notifies the intended recipient that a secure fax is waiting in his "Mailbox". The intended recipient must then telephone the store-and-forward facility and enter his personal identification number (PIN) before the store-and-forward facility will send the fax to the recipient's fax machine. The secret PIN number is assigned by the store-and-forward facility to each individual recipient subscriber. The number does not identify a message but identifies the subscriber. Thus, all recipients must be subscribers to the system and there is only one security code per subscriber.
The Gordon system suffers the deficiency that a recipient must be a subscriber before he can receive such faxes. It would be desirable to have a system which could be used by anyone, regardless of whether or not he or she is a subscriber. Furthermore, by assigning one security code per subscriber, if an unauthorized person obtains a subscriber's security code by covert means, that person can retrieve all confidential messages of that subscriber.
U.S. Pat. No. 4,935,955 to Neudorfer discloses a facsimile PBX system employing a security feature which allows only the authorized recipient of a message to access the incoming facsimile transmission. Access can be achieved by entering a password at the designated recipient's facsimile terminal, and only the messages designated for that particular recipient can be accessed from storage in an interface unit. This type of security is similar to that of Gordon, in that the password is unique for each designated recipient, not for each message. Furthermore, the password is generated by the recipient, whose office owns the facsimile PBX system.
The patent to Scherk et al., U.S Pat. No. 5,068,888, discloses an information delivery system for automatically delivering information from a control information storage facility by means of facsimile transmission to a facsimile machine positioned at a remote location. The particular information requested must be identified by appropriate identification codes. A caller desiring to access information from the information delivery system (such as a library) calls the system, gives at least an identification code for the documents selected for delivery and a telephone number of the user's facsimile machine. The system may verify that the user is authorized to access the requested documents. Thus, specific passwords may be used to access special documents. However, this is not a system for delivery of fax messages from a sender to a recipient. Furthermore, it is not intended for individual documents. Thus, Scherk does not solve the confidentiality problems discussed above.
Kurokawa U.S. Pat. No. 4,607,289 discloses a transceiver having a data storing and relaying function in which data and facsimile data transmitted thereto from a remote facsimile station is stored and then transmitted to a second remote facsimile station which is designated by the first remote station. The transceiver accepts a data reading request from the first remote station only when registered identification data coincides with identification data which is included in a control signal transmitted to the intermediate transceiver from the first remote station. This system is also in the nature of a facsimile mailbox system and does not solve the problems discussed above for a sender who desires to send a confidential fax to a recipient who is not a subscriber of the system.
Misholi U.S. Pat. No. 5,008,926 discloses a message management system comprising a system for producing a multi-media message, including a visual sensible portion and an aurally sensible portion. This patent is similar to the previously mentioned Gordon et al patent, U.S. Pat. No. 4,994,926, in that the system comprises a mailbox for a subscriber to receive either voice or fax messages. The system further gives the subscriber the ability to forward some, if not all, of the messages to another subscriber or to another designated number.
Wantanabe et al U.S. Pat. No. 5,170,428 discloses a data communication system having memory for storing data which is to be sent to multiple reception stations.
Furthermore, the following publications relate to facsimile communication transmission systems: "ITT Inaugurates FAXPAK," Business Communications Review, November-December, 1979, pp. 29-31; "Flexible Facsimile Transmission [FAXPAK]," Telecommunications, March, 1980, pp. 39-42.
None of the systems presently available adequately solves the important problem of preventing a sensitive fax document from inadvertently falling into the wrong hands due to the vagaries of facsimile transmission.